GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 5,000+; Erlang 39; GitHub Actions 38; Go 2,636; Maven 5,000+; npm 4,262; NuGet 760; pip 4,057; Pub 12; RubyGems 956; Rust 1,054; Swift 45
Unreviewed advisories: All unreviewed 5,000+
6,773 advisories
Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified...
Moderate, Unreviewed: CVE-2012-2532 was published May 13, 2022

** DISPUTED ** cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA...
Moderate, Unreviewed: CVE-2018-12433 was published May 13, 2022

The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side...
Moderate, Unreviewed: CVE-2018-12438 was published May 13, 2022

languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via...
Moderate, Unreviewed: CVE-2010-4401 was published May 13, 2022

Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php...
Moderate, Unreviewed: CVE-2011-3793 was published May 13, 2022

NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated administrators to...
Moderate, Unreviewed: CVE-2014-5215 was published May 13, 2022

In NetIQ Sentinel before 8.1.x, a Sentinel user is logged into the Sentinel Web Interface. After...
Moderate, Unreviewed: CVE-2018-7675 was published May 13, 2022

Drupal 6.x before 6.31 and 7.x before 7.27 does not properly isolate the cached data of different...
Moderate, Unreviewed: CVE-2014-2983 was published May 13, 2022

The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java...
Moderate, Unreviewed: CVE-2016-3973 was published May 13, 2022

MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages...
Moderate, Unreviewed: CVE-2011-4360 was published May 13, 2022

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers...
Moderate, Unreviewed: CVE-2017-11448 was published May 13, 2022

ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when...
Moderate, Unreviewed: CVE-2018-16323 was published May 13, 2022

IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M,...
Moderate, Unreviewed: CVE-2018-10599 was published May 13, 2022

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to...
Moderate, Unreviewed: CVE-2016-2388 was published May 13, 2022

The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1...
Moderate, Unreviewed: CVE-2016-4839 was published May 13, 2022

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition...
Moderate, Unreviewed: CVE-2015-0997 was published May 13, 2022

libinfo in Apple iOS before 5.0.1 does not properly formulate domain-name queries, which allows...
Moderate, Unreviewed: CVE-2011-3441 was published May 13, 2022

mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha,...
Moderate, Unreviewed: CVE-2010-2068 was published May 13, 2022

mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend...
Moderate, Unreviewed: CVE-2010-2791 was published May 13, 2022

The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http...
Moderate, Unreviewed: CVE-2012-3502 was published May 13, 2022

System software utilizing Lazy FP state restore technique on systems using Intel Core-based...
Moderate, Unreviewed: CVE-2018-3665 was published May 13, 2022

The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers...
Moderate, Unreviewed: CVE-2018-18566 was published May 13, 2022

The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which...
Moderate, Unreviewed: CVE-2012-5624 was published May 13, 2022

The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive...
Moderate, Unreviewed: CVE-2015-1857 was published May 13, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
Moderate: CVE-2016-5001 was published for org.apache.hadoop:hadoop-common (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API